001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.ipc;
019
020import java.io.File;
021import java.security.PrivilegedExceptionAction;
022import org.apache.hadoop.conf.Configuration;
023import org.apache.hadoop.fs.CommonConfigurationKeys;
024import org.apache.hadoop.hbase.HBaseClassTestRule;
025import org.apache.hadoop.hbase.HBaseTestingUtility;
026import org.apache.hadoop.hbase.TableNameTestRule;
027import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
028import org.apache.hadoop.hbase.testclassification.MediumTests;
029import org.apache.hadoop.hbase.testclassification.RPCTests;
030import org.apache.hadoop.minikdc.MiniKdc;
031import org.apache.hadoop.security.UserGroupInformation;
032import org.junit.AfterClass;
033import org.junit.BeforeClass;
034import org.junit.ClassRule;
035import org.junit.Rule;
036import org.junit.Test;
037import org.junit.experimental.categories.Category;
038
039@Category({ RPCTests.class, MediumTests.class })
040public class TestSecureSimpleRpcServer extends TestSimpleRpcServer {
041
042  @ClassRule
043  public static final HBaseClassTestRule CLASS_RULE =
044    HBaseClassTestRule.forClass(TestSecureSimpleRpcServer.class);
045
046  private static File KEYTAB_FILE;
047  private static MiniKdc KDC;
048  private static String HOST = "localhost";
049  private static String PRINCIPAL;
050  private static UserGroupInformation UGI;
051
052  @Rule
053  public TableNameTestRule name = new TableNameTestRule();
054
055  @BeforeClass
056  public static void setupClass() throws Exception {
057    TEST_UTIL = new HBaseTestingUtility();
058    KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri().getPath());
059    KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE);
060    PRINCIPAL = "hbase/" + HOST;
061    KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL);
062    String principalName = PRINCIPAL + "@" + KDC.getRealm();
063    HBaseKerberosUtils.setPrincipalForTesting(principalName);
064    Configuration conf = TEST_UTIL.getConfiguration();
065    HBaseKerberosUtils.setSecuredConfiguration(conf, principalName, principalName);
066    UGI = login(KEYTAB_FILE.toString(), principalName);
067    TestSimpleRpcServer.setupClass();
068
069  }
070
071  @AfterClass
072  public static void tearDownClass() throws Exception {
073    if (KDC != null) {
074      KDC.stop();
075    }
076    KEYTAB_FILE.delete();
077    TestSimpleRpcServer.tearDownClass();
078    TEST_UTIL.cleanupTestDir();
079  }
080
081  @Override
082  @Test
083  public void testSimpleRpcServer() throws Exception {
084    UGI.doAs(new PrivilegedExceptionAction<Void>() {
085      @Override
086      public Void run() throws Exception {
087        doTest(name.getTableName());
088        return null;
089      }
090    });
091  }
092
093  static UserGroupInformation login(String krbKeytab, String krbPrincipal) throws Exception {
094    Configuration conf = new Configuration();
095    conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos");
096    UserGroupInformation.setConfiguration(conf);
097    UserGroupInformation.loginUserFromKeytab(krbPrincipal, krbKeytab);
098    return UserGroupInformation.getLoginUser();
099  }
100
101}