001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019package org.apache.hadoop.hbase.security.token;
020
021import java.io.File;
022import org.apache.hadoop.fs.Path;
023import org.apache.hadoop.hbase.HBaseTestingUtility;
024import org.apache.hadoop.hbase.LocalHBaseCluster;
025import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
026import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
027import org.apache.hadoop.hbase.util.CommonFSUtils;
028import org.apache.hadoop.minikdc.MiniKdc;
029import org.apache.hadoop.security.UserGroupInformation;
030import org.junit.AfterClass;
031import org.junit.BeforeClass;
032
033/**
034 * The class for set up a security cluster with kerberos, hdfs, hbase.
035 */
036public class SecureTestCluster {
037  protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
038
039  protected static String USERNAME;
040
041  private static LocalHBaseCluster CLUSTER;
042
043  private static final File KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri()
044      .getPath());
045  private static MiniKdc KDC;
046
047  private static String HOST = "localhost";
048
049  private static String PRINCIPAL;
050
051  private static String HTTP_PRINCIPAL;
052
053  //When extending SecureTestCluster on downstream projects that refer SecureTestCluster via
054  //hbase-server jar, we need to provide a way for the implementation to refer to its own class
055  //definition, so that KeyStoreTestUtil.getClasspathDir can resolve a valid path in the local FS
056  //to place required SSL config files.
057  private static Class testRunnerClass = SecureTestCluster.class;
058
059  /**
060   * SecureTestCluster extending classes can set their own <code>Class</code> reference type
061   * to be used as the target resource to be looked for on the class loader by
062   * <code>KeyStoreTestUtil</code>, when deciding where to place ssl related config files.
063   * @param testRunnerClass a <code>Class</code> reference from the
064   *                        <code>SecureTestCluster</code> extender.
065   */
066  protected static void setTestRunner(Class testRunnerClass){
067    SecureTestCluster.testRunnerClass = testRunnerClass;
068  }
069
070  /**
071   * Setup and start kerberos, hbase
072   */
073  @BeforeClass
074  public static void setUp() throws Exception {
075    KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE);
076    USERNAME = UserGroupInformation.getLoginUser().getShortUserName();
077    PRINCIPAL = USERNAME + "/" + HOST;
078    HTTP_PRINCIPAL = "HTTP/" + HOST;
079    KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL, HTTP_PRINCIPAL);
080    TEST_UTIL.startMiniZKCluster();
081
082    HBaseKerberosUtils.setSecuredConfiguration(TEST_UTIL.getConfiguration(),
083        PRINCIPAL + "@" + KDC.getRealm(), HTTP_PRINCIPAL + "@" + KDC.getRealm());
084    HBaseKerberosUtils.setSSLConfiguration(TEST_UTIL, testRunnerClass);
085
086    TEST_UTIL.getConfiguration().setStrings(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,
087        TokenProvider.class.getName());
088    TEST_UTIL.startMiniDFSCluster(1);
089    Path rootdir = TEST_UTIL.getDataTestDirOnTestFS("TestGenerateDelegationToken");
090    CommonFSUtils.setRootDir(TEST_UTIL.getConfiguration(), rootdir);
091    CLUSTER = new LocalHBaseCluster(TEST_UTIL.getConfiguration(), 1);
092    CLUSTER.startup();
093  }
094
095  @AfterClass
096  public static void tearDown() throws Exception {
097    try {
098      if (CLUSTER != null) {
099        CLUSTER.shutdown();
100      }
101      CLUSTER.join();
102      if (KDC != null) {
103        KDC.stop();
104      }
105      TEST_UTIL.shutdownMiniCluster();
106    } finally {
107      setTestRunner(SecureTestCluster.class);
108    }
109  }
110}