001/** 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018 019package org.apache.hadoop.hbase.security.token; 020 021import org.apache.hadoop.fs.Path; 022import org.apache.hadoop.hbase.HBaseTestingUtility; 023import org.apache.hadoop.hbase.LocalHBaseCluster; 024import org.apache.hadoop.hbase.coprocessor.CoprocessorHost; 025import org.apache.hadoop.hbase.security.HBaseKerberosUtils; 026import org.apache.hadoop.hbase.util.FSUtils; 027import org.apache.hadoop.minikdc.MiniKdc; 028import org.apache.hadoop.security.UserGroupInformation; 029import org.junit.AfterClass; 030import org.junit.BeforeClass; 031 032import java.io.File; 033 034/** 035 * The class for set up a security cluster with kerberos, hdfs, hbase. 036 */ 037public class SecureTestCluster { 038 protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility(); 039 040 protected static String USERNAME; 041 042 private static LocalHBaseCluster CLUSTER; 043 044 private static final File KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri() 045 .getPath()); 046 private static MiniKdc KDC; 047 048 private static String HOST = "localhost"; 049 050 private static String PRINCIPAL; 051 052 private static String HTTP_PRINCIPAL; 053 054 /** 055 * Setup and start kerberos, hbase 056 */ 057 @BeforeClass 058 public static void setUp() throws Exception { 059 KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE); 060 USERNAME = UserGroupInformation.getLoginUser().getShortUserName(); 061 PRINCIPAL = USERNAME + "/" + HOST; 062 HTTP_PRINCIPAL = "HTTP/" + HOST; 063 KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL, HTTP_PRINCIPAL); 064 TEST_UTIL.startMiniZKCluster(); 065 066 HBaseKerberosUtils.setSecuredConfiguration(TEST_UTIL.getConfiguration(), 067 PRINCIPAL + "@" + KDC.getRealm(), HTTP_PRINCIPAL + "@" + KDC.getRealm()); 068 HBaseKerberosUtils.setSSLConfiguration(TEST_UTIL, SecureTestCluster.class); 069 070 TEST_UTIL.getConfiguration().setStrings(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY, 071 TokenProvider.class.getName()); 072 TEST_UTIL.startMiniDFSCluster(1); 073 Path rootdir = TEST_UTIL.getDataTestDirOnTestFS("TestGenerateDelegationToken"); 074 FSUtils.setRootDir(TEST_UTIL.getConfiguration(), rootdir); 075 CLUSTER = new LocalHBaseCluster(TEST_UTIL.getConfiguration(), 1); 076 CLUSTER.startup(); 077 } 078 079 @AfterClass 080 public static void tearDown() throws Exception { 081 if (CLUSTER != null) { 082 CLUSTER.shutdown(); 083 } 084 CLUSTER.join(); 085 if (KDC != null) { 086 KDC.stop(); 087 } 088 TEST_UTIL.shutdownMiniCluster(); 089 } 090}