1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.hadoop.hbase.security;
20
21 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getConfigurationWoPrincipal;
22 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getKeytabFileForTesting;
23 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getPrincipalForTesting;
24 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getSecuredConfiguration;
25 import static org.junit.Assert.assertFalse;
26 import static org.junit.Assert.assertNotNull;
27 import static org.junit.Assert.assertTrue;
28
29 import java.io.File;
30 import java.io.IOException;
31
32 import org.apache.hadoop.conf.Configuration;
33 import org.apache.hadoop.hbase.HBaseTestingUtility;
34 import org.apache.hadoop.hbase.testclassification.SmallTests;
35 import org.apache.hadoop.minikdc.MiniKdc;
36 import org.apache.hadoop.security.UserGroupInformation;
37 import org.junit.AfterClass;
38 import org.junit.BeforeClass;
39 import org.junit.Test;
40 import org.junit.experimental.categories.Category;
41
42 @Category(SmallTests.class)
43 public class TestUsersOperationsWithSecureHadoop {
44
45 private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
46 private static final File KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri()
47 .getPath());
48
49 private static MiniKdc KDC;
50
51 private static String HOST = "localhost";
52
53 private static String PRINCIPAL;
54
55 @BeforeClass
56 public static void setUp() throws Exception {
57 KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE);
58 PRINCIPAL = "hbase/" + HOST;
59 KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL);
60 HBaseKerberosUtils.setPrincipalForTesting(PRINCIPAL + "@" + KDC.getRealm());
61 }
62
63 @AfterClass
64 public static void tearDown() throws IOException {
65 if (KDC != null) {
66 KDC.stop();
67 }
68 TEST_UTIL.cleanupTestDir();
69 }
70
71
72
73
74
75
76
77
78
79
80 @Test
81 public void testUserLoginInSecureHadoop() throws Exception {
82 UserGroupInformation defaultLogin = UserGroupInformation.getLoginUser();
83 Configuration conf = getConfigurationWoPrincipal();
84 User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE, HBaseKerberosUtils.KRB_PRINCIPAL,
85 "localhost");
86
87 UserGroupInformation failLogin = UserGroupInformation.getLoginUser();
88 assertTrue("ugi should be the same in case fail login", defaultLogin.equals(failLogin));
89
90 String nnKeyTab = getKeytabFileForTesting();
91 String dnPrincipal = getPrincipalForTesting();
92
93 assertNotNull("KerberosKeytab was not specified", nnKeyTab);
94 assertNotNull("KerberosPrincipal was not specified", dnPrincipal);
95
96 conf = getSecuredConfiguration();
97 UserGroupInformation.setConfiguration(conf);
98
99 User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE, HBaseKerberosUtils.KRB_PRINCIPAL,
100 "localhost");
101 UserGroupInformation successLogin = UserGroupInformation.getLoginUser();
102 assertFalse("ugi should be different in in case success login",
103 defaultLogin.equals(successLogin));
104 }
105 }