hadoop-hdfs-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sur...@apache.org
Subject svn commit: r1076076 - in /hadoop/hdfs/branches/HDFS-1052: ./ src/java/org/apache/hadoop/hdfs/security/token/block/ src/java/org/apache/hadoop/hdfs/server/balancer/ src/java/org/apache/hadoop/hdfs/server/datanode/ src/test/hdfs/org/apache/hadoop/hdfs/s...
Date Wed, 02 Mar 2011 01:26:09 GMT
Author: suresh
Date: Wed Mar  2 01:26:09 2011
New Revision: 1076076

URL: http://svn.apache.org/viewvc?rev=1076076&view=rev
Log:
HDFS-1673. Federation: Datanode changes to track block token secret per namenode. (suresh)


Modified:
    hadoop/hdfs/branches/HDFS-1052/CHANGES.txt
    hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenIdentifier.java
    hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenSecretManager.java
    hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/balancer/Balancer.java
    hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataNode.java
    hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java
    hadoop/hdfs/branches/HDFS-1052/src/test/hdfs/org/apache/hadoop/hdfs/security/token/block/TestBlockToken.java

Modified: hadoop/hdfs/branches/HDFS-1052/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/CHANGES.txt?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/CHANGES.txt (original)
+++ hadoop/hdfs/branches/HDFS-1052/CHANGES.txt Wed Mar  2 01:26:09 2011
@@ -94,13 +94,13 @@ Trunk (unreleased changes)
     HDFS-1663. Federation: Rename getPoolId() everywhere to 
     getBlockPoolId() (tanping via boryas)
 
-    HDFS-1652. Add support for multiple namenodes in MiniDFSCluster.
+    HDFS-1652. FederationL Add support for multiple namenodes in MiniDFSCluster.
     (suresh)
 
-    HDFS-1672. HDFS Federation: refactor stopDatanode(name) to work 
+    HDFS-1672. Federation: refactor stopDatanode(name) to work 
     with multiple Block Pools (boryas)
 
-    HDFS-1687. HDFS Federation: DirectoryScanner changes for 
+    HDFS-1687. Federation: DirectoryScanner changes for 
     federation (mattf via boryas)
 
     HDFS-1626. Make BLOCK_INVALIDATE_LIMIT configurable. (szetszwo)
@@ -108,12 +108,15 @@ Trunk (unreleased changes)
     HDFS-1655. Federation: DatablockScanner should scan blocks for 
     all the block pools. (jitendra)
 
-    HDFS-1664. Add block pool storage usage to Namenode WebUI.
+    HDFS-1664. Federation: Add block pool storage usage to Namenode WebUI.
     (Tanping via suresh)
 
-    HDFS-1674. Rename BlockPool class to BlockPoolSlice. 
+    HDFS-1674. Federation: Rename BlockPool class to BlockPoolSlice. 
     (jghoman, Tanping via suresh)
 
+    HDFS-1673. Federation: Datanode changes to track block token secret per 
+    namenode. (suresh)
+
   IMPROVEMENTS
 
     HDFS-1510. Added test-patch.properties required by test-patch.sh (nigel)

Modified: hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenIdentifier.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenIdentifier.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenIdentifier.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenIdentifier.java
Wed Mar  2 01:26:09 2011
@@ -37,19 +37,21 @@ public class BlockTokenIdentifier extend
   private long expiryDate;
   private int keyId;
   private String userId;
+  private String blockPoolId;
   private long blockId;
   private EnumSet<AccessMode> modes;
 
   private byte [] cache;
   
   public BlockTokenIdentifier() {
-    this(null, 0, EnumSet.noneOf(AccessMode.class));
+    this(null, null, 0, EnumSet.noneOf(AccessMode.class));
   }
 
-  public BlockTokenIdentifier(String userId, long blockId,
+  public BlockTokenIdentifier(String userId, String bpid, long blockId,
       EnumSet<AccessMode> modes) {
     this.cache = null;
     this.userId = userId;
+    this.blockPoolId = bpid;
     this.blockId = blockId;
     this.modes = modes == null ? EnumSet.noneOf(AccessMode.class) : modes;
   }
@@ -62,7 +64,8 @@ public class BlockTokenIdentifier extend
   @Override
   public UserGroupInformation getUser() {
     if (userId == null || "".equals(userId)) {
-      return UserGroupInformation.createRemoteUser(Long.toString(blockId));
+      String user = blockPoolId + ":" + Long.toString(blockId);
+      return UserGroupInformation.createRemoteUser(user);
     }
     return UserGroupInformation.createRemoteUser(userId);
   }
@@ -89,6 +92,10 @@ public class BlockTokenIdentifier extend
     return userId;
   }
 
+  public String getBlockPoolId() {
+    return blockPoolId;
+  }
+
   public long getBlockId() {
     return blockId;
   }
@@ -101,6 +108,7 @@ public class BlockTokenIdentifier extend
   public String toString() {
     return "block_token_identifier (expiryDate=" + this.getExpiryDate()
         + ", keyId=" + this.getKeyId() + ", userId=" + this.getUserId()
+        + ", blockPoolId=" + this.getBlockPoolId()
         + ", blockId=" + this.getBlockId() + ", access modes="
         + this.getAccessModes() + ")";
   }
@@ -117,7 +125,9 @@ public class BlockTokenIdentifier extend
     if (obj instanceof BlockTokenIdentifier) {
       BlockTokenIdentifier that = (BlockTokenIdentifier) obj;
       return this.expiryDate == that.expiryDate && this.keyId == that.keyId
-          && isEqual(this.userId, that.userId) && this.blockId == that.blockId
+          && isEqual(this.userId, that.userId) 
+          && isEqual(this.blockPoolId, that.blockPoolId)
+          && this.blockId == that.blockId
           && isEqual(this.modes, that.modes);
     }
     return false;
@@ -126,7 +136,8 @@ public class BlockTokenIdentifier extend
   /** {@inheritDoc} */
   public int hashCode() {
     return (int) expiryDate ^ keyId ^ (int) blockId ^ modes.hashCode()
-        ^ (userId == null ? 0 : userId.hashCode());
+        ^ (userId == null ? 0 : userId.hashCode())
+        ^ (blockPoolId == null ? 0 : blockPoolId.hashCode());
   }
 
   public void readFields(DataInput in) throws IOException {
@@ -134,6 +145,7 @@ public class BlockTokenIdentifier extend
     expiryDate = WritableUtils.readVLong(in);
     keyId = WritableUtils.readVInt(in);
     userId = WritableUtils.readString(in);
+    blockPoolId = WritableUtils.readString(in);
     blockId = WritableUtils.readVLong(in);
     int length = WritableUtils.readVInt(in);
     for (int i = 0; i < length; i++) {
@@ -145,6 +157,7 @@ public class BlockTokenIdentifier extend
     WritableUtils.writeVLong(out, expiryDate);
     WritableUtils.writeVInt(out, keyId);
     WritableUtils.writeString(out, userId);
+    WritableUtils.writeString(out, blockPoolId);
     WritableUtils.writeVLong(out, blockId);
     WritableUtils.writeVInt(out, modes.size());
     for (AccessMode aMode : modes) {

Modified: hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenSecretManager.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenSecretManager.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenSecretManager.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/security/token/block/BlockTokenSecretManager.java
Wed Mar  2 01:26:09 2011
@@ -31,7 +31,6 @@ import java.util.Map;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.classification.InterfaceAudience;
-import org.apache.hadoop.hdfs.protocol.Block;
 import org.apache.hadoop.hdfs.protocol.ExtendedBlock;
 import org.apache.hadoop.io.WritableUtils;
 import org.apache.hadoop.security.UserGroupInformation;
@@ -179,26 +178,18 @@ public class BlockTokenSecretManager ext
       EnumSet<AccessMode> modes) throws IOException {
     UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
     String userID = (ugi == null ? null : ugi.getShortUserName());
-    return generateToken(userID, block.getLocalBlock(), modes);
+    return generateToken(userID, block, modes);
   }
 
   /** Generate a block token for a specified user */
   public Token<BlockTokenIdentifier> generateToken(String userId,
-      Block block, EnumSet<AccessMode> modes) throws IOException {
+      ExtendedBlock block, EnumSet<AccessMode> modes) throws IOException {
     BlockTokenIdentifier id = new BlockTokenIdentifier(userId, block
-        .getBlockId(), modes);
+        .getBlockPoolId(), block.getBlockId(), modes);
     return new Token<BlockTokenIdentifier>(id, this);
   }
 
   /**
-   * TODO:FEDERATION To remove when block pool ID related coding is complete
-   */
-  public void checkAccess(Token<BlockTokenIdentifier> blockToken, String userId,
-      Block block, AccessMode mode) throws InvalidToken {
-    checkAccess(blockToken, userId, new ExtendedBlock("TODO", block), mode);
-  }
-  
-  /**
    * Check if access should be allowed. userID is not checked if null. This
    * method doesn't check if token password is correct. It should be used only
    * when token password has already been verified (e.g., in the RPC layer).
@@ -213,6 +204,10 @@ public class BlockTokenSecretManager ext
       throw new InvalidToken("Block token with " + id.toString()
           + " doesn't belong to user " + userId);
     }
+    if (!id.getBlockPoolId().equals(block.getBlockPoolId())) {
+      throw new InvalidToken("Block token with " + id.toString()
+          + " doesn't apply to block " + block);
+    }
     if (id.getBlockId() != block.getBlockId()) {
       throw new InvalidToken("Block token with " + id.toString()
           + " doesn't apply to block " + block);

Modified: hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/balancer/Balancer.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/balancer/Balancer.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/balancer/Balancer.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/balancer/Balancer.java
Wed Mar  2 01:26:09 2011
@@ -373,8 +373,10 @@ public class Balancer implements Tool {
     private void sendRequest(DataOutputStream out) throws IOException {
       Token<BlockTokenIdentifier> accessToken = BlockTokenSecretManager.DUMMY_TOKEN;
       if (isBlockTokenEnabled) {
-        accessToken = blockTokenSecretManager.generateToken(null, block
-            .getBlock(), EnumSet.of(BlockTokenSecretManager.AccessMode.REPLACE,
+        // TODO:FEDERATION use ExtendedBlock in BalancerBlock
+        ExtendedBlock eblk = new ExtendedBlock("TODO", block.getBlock());
+        accessToken = blockTokenSecretManager.generateToken(null, eblk,
+            EnumSet.of(BlockTokenSecretManager.AccessMode.REPLACE,
             BlockTokenSecretManager.AccessMode.COPY));
       }
       // TODO:FEDERATION use ExtendedBlock in BalancerBlock

Modified: hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataNode.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataNode.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataNode.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataNode.java
Wed Mar  2 01:26:09 2011
@@ -80,6 +80,7 @@ import org.apache.hadoop.hdfs.protocol.L
 import org.apache.hadoop.hdfs.protocol.RecoveryInProgressException;
 import org.apache.hadoop.hdfs.protocol.UnregisteredNodeException;
 import org.apache.hadoop.hdfs.protocol.DataTransferProtocol.BlockConstructionStage;
+import org.apache.hadoop.hdfs.security.token.block.BlockPoolTokenSecretManager;
 import org.apache.hadoop.hdfs.security.token.block.BlockTokenIdentifier;
 import org.apache.hadoop.hdfs.security.token.block.BlockTokenSecretManager;
 import org.apache.hadoop.hdfs.security.token.block.ExportedBlockKeys;
@@ -342,8 +343,7 @@ public class DataNode extends Configured
   boolean transferToAllowed = true;
   int writePacketSize = 0;
   boolean isBlockTokenEnabled;
-  BlockTokenSecretManager blockTokenSecretManager;
-  boolean isBlockTokenInitialized = false;
+  BlockPoolTokenSecretManager blockPoolTokenSecretManager;
   
   public DataBlockScanner blockScanner = null;
   private DirectoryScanner directoryScanner = null;
@@ -486,7 +486,7 @@ public class DataNode extends Configured
         conf.get("dfs.datanode.ipc.address"));
     ipcServer = RPC.getServer(DataNode.class, this, ipcAddr.getHostName(),
         ipcAddr.getPort(), conf.getInt("dfs.datanode.handler.count", 3), false,
-        conf, blockTokenSecretManager);
+        conf, blockPoolTokenSecretManager);
     
     // set service-level authorization security policy
     if (conf.getBoolean(
@@ -647,6 +647,7 @@ public class DataNode extends Configured
     private final LinkedList<Block> receivedBlockList = new LinkedList<Block>();
     private final LinkedList<String> delHints = new LinkedList<String>();
     private volatile boolean shouldServiceRun = true;
+    private boolean isBlockTokenInitialized = false;
 
     BPOfferService(InetSocketAddress isa) {
       this.bpRegistration = new DatanodeRegistration(datanodeId);
@@ -1080,7 +1081,7 @@ public class DataNode extends Configured
       }
 
       
-      // TODO:FEDERATION - reavaluate the following three checks!!!!!
+      // TODO:FEDERATION - reavaluate the following two checks!!!!!
       assert ("".equals(storage.getStorageID())
           && !"".equals(bpRegistration.getStorageID()))
           || storage.getStorageID().equals(bpRegistration.getStorageID()) :
@@ -1105,17 +1106,21 @@ public class DataNode extends Configured
         if (isBlockTokenEnabled) {
           long blockKeyUpdateInterval = keys.getKeyUpdateInterval();
           long blockTokenLifetime = keys.getTokenLifetime();
-          LOG.info("Block token params received from NN: keyUpdateInterval="
+          LOG.info("Block token params received from NN: for block pool " +
+              blockPoolId + " keyUpdateInterval="
               + blockKeyUpdateInterval / (60 * 1000)
               + " min(s), tokenLifetime=" + blockTokenLifetime / (60 * 1000)
               + " min(s)");
-          blockTokenSecretManager.setTokenLifetime(blockTokenLifetime);
+          final BlockTokenSecretManager secretMgr = 
+            new BlockTokenSecretManager(false, 0, blockTokenLifetime);
+          blockPoolTokenSecretManager.addBlockPool(blockPoolId, secretMgr);
         }
         isBlockTokenInitialized = true;
       }
 
       if (isBlockTokenEnabled) {
-        blockTokenSecretManager.setKeys(bpRegistration.exportedKeys);
+        blockPoolTokenSecretManager.setKeys(blockPoolId,
+            bpRegistration.exportedKeys);
         bpRegistration.exportedKeys = ExportedBlockKeys.DUMMY_KEYS;
       }
 
@@ -1262,7 +1267,8 @@ public class DataNode extends Configured
       case DatanodeProtocol.DNA_ACCESSKEYUPDATE:
         LOG.info("DatanodeCommand action: DNA_ACCESSKEYUPDATE");
         if (isBlockTokenEnabled) {
-          blockTokenSecretManager.setKeys(((KeyUpdateCommand) cmd).getExportedKeys());
+          blockPoolTokenSecretManager.setKeys(blockPoolId, 
+              ((KeyUpdateCommand) cmd).getExportedKeys());
         }
         break;
       default:
@@ -1867,7 +1873,7 @@ public class DataNode extends Configured
         //
         Token<BlockTokenIdentifier> accessToken = BlockTokenSecretManager.DUMMY_TOKEN;
         if (isBlockTokenEnabled) {
-          accessToken = blockTokenSecretManager.generateToken(b, 
+          accessToken = blockPoolTokenSecretManager.generateToken(b, 
               EnumSet.of(BlockTokenSecretManager.AccessMode.WRITE));
         }
         DataTransferProtocol.Sender.opWriteBlock(out,
@@ -1926,9 +1932,9 @@ public class DataNode extends Configured
     ipcServer.start();
     startPlugins(conf);
     
-    // BlockTokenSecretManager is created here, but it shouldn't be
+    // BlockPoolTokenSecretManager is created here, but it shouldn't be
     // used until it is initialized in register().
-    this.blockTokenSecretManager = new BlockTokenSecretManager(false, 0, 0);    
+    this.blockPoolTokenSecretManager = new BlockPoolTokenSecretManager();
   }
 
   public boolean isDatanodeUp() {
@@ -2439,7 +2445,7 @@ public class DataNode extends Configured
         if (LOG.isDebugEnabled()) {
           LOG.debug("Got: " + id.toString());
         }
-        blockTokenSecretManager.checkAccess(id, null, block,
+        blockPoolTokenSecretManager.checkAccess(id, null, block,
             BlockTokenSecretManager.AccessMode.WRITE);
       }
     }

Modified: hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/java/org/apache/hadoop/hdfs/server/datanode/DataXceiver.java
Wed Mar  2 01:26:09 2011
@@ -17,7 +17,6 @@
  */
 package org.apache.hadoop.hdfs.server.datanode;
 
-import static org.apache.hadoop.hdfs.protocol.DataTransferProtocol.Status.CHECKSUM_OK;
 import static org.apache.hadoop.hdfs.protocol.DataTransferProtocol.Status.ERROR;
 import static org.apache.hadoop.hdfs.protocol.DataTransferProtocol.Status.ERROR_ACCESS_TOKEN;
 import static org.apache.hadoop.hdfs.protocol.DataTransferProtocol.Status.SUCCESS;
@@ -140,7 +139,7 @@ class DataXceiver extends DataTransferPr
 
     if (datanode.isBlockTokenEnabled) {
       try {
-        datanode.blockTokenSecretManager.checkAccess(blockToken, null, block,
+        datanode.blockPoolTokenSecretManager.checkAccess(blockToken, null, block,
             BlockTokenSecretManager.AccessMode.READ);
       } catch (InvalidToken e) {
         try {
@@ -231,7 +230,7 @@ class DataXceiver extends DataTransferPr
       datanode.getDNRegistrationForBP(block.getBlockPoolId());
     if (datanode.isBlockTokenEnabled) {
       try {
-        datanode.blockTokenSecretManager.checkAccess(blockToken, null, block,
+        datanode.blockPoolTokenSecretManager.checkAccess(blockToken, null, block,
             BlockTokenSecretManager.AccessMode.WRITE);
       } catch (InvalidToken e) {
         try {
@@ -406,8 +405,8 @@ class DataXceiver extends DataTransferPr
         datanode.socketWriteTimeout));
     if (datanode.isBlockTokenEnabled) {
       try {
-        datanode.blockTokenSecretManager.checkAccess(blockToken, null, block,
-            BlockTokenSecretManager.AccessMode.READ);
+        datanode.blockPoolTokenSecretManager.checkAccess(blockToken, null,
+            block, BlockTokenSecretManager.AccessMode.READ);
       } catch (InvalidToken e) {
         try {
           ERROR_ACCESS_TOKEN.write(out);
@@ -469,7 +468,7 @@ class DataXceiver extends DataTransferPr
     // Read in the header
     if (datanode.isBlockTokenEnabled) {
       try {
-        datanode.blockTokenSecretManager.checkAccess(blockToken, null, block,
+        datanode.blockPoolTokenSecretManager.checkAccess(blockToken, null, block,
             BlockTokenSecretManager.AccessMode.COPY);
       } catch (InvalidToken e) {
         LOG.warn("Invalid access token in request from " + remoteAddress
@@ -545,7 +544,7 @@ class DataXceiver extends DataTransferPr
     block.setNumBytes(dataXceiverServer.estimateBlockSize);
     if (datanode.isBlockTokenEnabled) {
       try {
-        datanode.blockTokenSecretManager.checkAccess(blockToken, null, block,
+        datanode.blockPoolTokenSecretManager.checkAccess(blockToken, null, block,
             BlockTokenSecretManager.AccessMode.REPLACE);
       } catch (InvalidToken e) {
         LOG.warn("Invalid access token in request from " + remoteAddress

Modified: hadoop/hdfs/branches/HDFS-1052/src/test/hdfs/org/apache/hadoop/hdfs/security/token/block/TestBlockToken.java
URL: http://svn.apache.org/viewvc/hadoop/hdfs/branches/HDFS-1052/src/test/hdfs/org/apache/hadoop/hdfs/security/token/block/TestBlockToken.java?rev=1076076&r1=1076075&r2=1076076&view=diff
==============================================================================
--- hadoop/hdfs/branches/HDFS-1052/src/test/hdfs/org/apache/hadoop/hdfs/security/token/block/TestBlockToken.java
(original)
+++ hadoop/hdfs/branches/HDFS-1052/src/test/hdfs/org/apache/hadoop/hdfs/security/token/block/TestBlockToken.java
Wed Mar  2 01:26:09 2011
@@ -221,5 +221,34 @@ public class TestBlockToken {
       }
     }
   }
-
+  
+  /** 
+   * Test {@link BlockPoolTokenSecretManager}
+   */
+  @Test
+  public void testBlockPoolTokenSecretManager() throws Exception {
+    BlockPoolTokenSecretManager bpMgr = new BlockPoolTokenSecretManager();
+    
+    // Test BlockPoolSecretManager with upto 10 block pools
+    for (int i = 0; i < 10; i++) {
+      String bpid = Integer.toString(i);
+      BlockTokenSecretManager masterHandler = new BlockTokenSecretManager(true,
+          blockKeyUpdateInterval, blockTokenLifetime);
+      BlockTokenSecretManager slaveHandler = new BlockTokenSecretManager(false,
+          blockKeyUpdateInterval, blockTokenLifetime);
+      bpMgr.addBlockPool(bpid, slaveHandler);
+      
+      
+      ExportedBlockKeys keys = masterHandler.exportKeys();
+      bpMgr.setKeys(bpid, keys);
+      tokenGenerationAndVerification(masterHandler, bpMgr.get(bpid));
+      
+      // Test key updating
+      masterHandler.updateKeys();
+      tokenGenerationAndVerification(masterHandler, bpMgr.get(bpid));
+      keys = masterHandler.exportKeys();
+      bpMgr.setKeys(bpid, keys);
+      tokenGenerationAndVerification(masterHandler, bpMgr.get(bpid));
+    }
+  }
 }



Mime
View raw message