View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  package org.apache.hadoop.hbase.security;
19  
20  import org.apache.hadoop.conf.Configuration;
21  import org.apache.hadoop.fs.CommonConfigurationKeys;
22  import org.apache.hadoop.hbase.HBaseConfiguration;
23  import org.apache.hadoop.hbase.classification.InterfaceAudience;
24  
25  import com.google.common.base.Strings;
26  
27  @InterfaceAudience.Private
28  public class HBaseKerberosUtils {
29    public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal";
30    public static final String MASTER_KRB_PRINCIPAL = "hbase.master.kerberos.principal";
31    public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file";
32  
33    public static boolean isKerberosPropertySetted() {
34      String krbPrincipal = System.getProperty(KRB_PRINCIPAL);
35      String krbKeytab = System.getProperty(KRB_KEYTAB_FILE);
36      if (Strings.isNullOrEmpty(krbPrincipal) || Strings.isNullOrEmpty(krbKeytab)) {
37        return false;
38      }
39      return true;
40    }
41  
42    public static void setPrincipalForTesting(String principal) {
43      setSystemProperty(KRB_PRINCIPAL, principal);
44    }
45  
46    public static void setKeytabFileForTesting(String keytabFile) {
47      setSystemProperty(KRB_KEYTAB_FILE, keytabFile);
48    }
49  
50    public static void setSystemProperty(String propertyName, String propertyValue) {
51      System.setProperty(propertyName, propertyValue);
52    }
53  
54    public static String getKeytabFileForTesting() {
55      return System.getProperty(KRB_KEYTAB_FILE);
56    }
57  
58    public static String getPrincipalForTesting() {
59      return System.getProperty(KRB_PRINCIPAL);
60    }
61  
62    public static Configuration getConfigurationWoPrincipal() {
63      Configuration conf = HBaseConfiguration.create();
64      conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos");
65      conf.set(User.HBASE_SECURITY_CONF_KEY, "kerberos");
66      conf.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true);
67      return conf;
68    }
69  
70    public static Configuration getSecuredConfiguration() {
71      Configuration conf = HBaseConfiguration.create();
72      setSecuredConfiguration(conf);
73      return conf;
74    }
75  
76    public static void setSecuredConfiguration(Configuration conf) {
77      conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos");
78      conf.set(User.HBASE_SECURITY_CONF_KEY, "kerberos");
79      conf.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true);
80      conf.set(KRB_KEYTAB_FILE, System.getProperty(KRB_KEYTAB_FILE));
81      conf.set(KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL));
82      conf.set(MASTER_KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL));
83    }
84  }