Source code

001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019package org.apache.hadoop.hbase.security.token;
020
021import org.apache.hadoop.fs.Path;
022import org.apache.hadoop.hbase.HBaseTestingUtility;
023import org.apache.hadoop.hbase.LocalHBaseCluster;
024import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
025import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
026import org.apache.hadoop.hbase.util.FSUtils;
027import org.apache.hadoop.minikdc.MiniKdc;
028import org.apache.hadoop.security.UserGroupInformation;
029import org.junit.AfterClass;
030import org.junit.BeforeClass;
031
032import java.io.File;
033
034/**
035 * The class for set up a security cluster with kerberos, hdfs, hbase.
036 */
037public class SecureTestCluster {
038  protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
039
040  protected static String USERNAME;
041
042  private static LocalHBaseCluster CLUSTER;
043
044  private static final File KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri()
045      .getPath());
046  private static MiniKdc KDC;
047
048  private static String HOST = "localhost";
049
050  private static String PRINCIPAL;
051
052  private static String HTTP_PRINCIPAL;
053
054  /**
055   * Setup and start kerberos, hbase
056   */
057  @BeforeClass
058  public static void setUp() throws Exception {
059    KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE);
060    USERNAME = UserGroupInformation.getLoginUser().getShortUserName();
061    PRINCIPAL = USERNAME + "/" + HOST;
062    HTTP_PRINCIPAL = "HTTP/" + HOST;
063    KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL, HTTP_PRINCIPAL);
064    TEST_UTIL.startMiniZKCluster();
065
066    HBaseKerberosUtils.setSecuredConfiguration(TEST_UTIL.getConfiguration(),
067        PRINCIPAL + "@" + KDC.getRealm(), HTTP_PRINCIPAL + "@" + KDC.getRealm());
068    HBaseKerberosUtils.setSSLConfiguration(TEST_UTIL, SecureTestCluster.class);
069
070    TEST_UTIL.getConfiguration().setStrings(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,
071        TokenProvider.class.getName());
072    TEST_UTIL.startMiniDFSCluster(1);
073    Path rootdir = TEST_UTIL.getDataTestDirOnTestFS("TestGenerateDelegationToken");
074    FSUtils.setRootDir(TEST_UTIL.getConfiguration(), rootdir);
075    CLUSTER = new LocalHBaseCluster(TEST_UTIL.getConfiguration(), 1);
076    CLUSTER.startup();
077  }
078
079  @AfterClass
080  public static void tearDown() throws Exception {
081    if (CLUSTER != null) {
082      CLUSTER.shutdown();
083    }
084    CLUSTER.join();
085    if (KDC != null) {
086      KDC.stop();
087    }
088    TEST_UTIL.shutdownMiniCluster();
089  }
090}