001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.thrift; 019 020import static org.apache.hadoop.hbase.thrift.TestThriftServerCmdLine.createBoundServer; 021import static org.junit.Assert.assertFalse; 022import static org.junit.Assert.fail; 023 024import java.io.IOException; 025import java.net.HttpURLConnection; 026import java.net.URL; 027import java.util.function.Supplier; 028import org.apache.hadoop.conf.Configuration; 029import org.apache.hadoop.hbase.HBaseClassTestRule; 030import org.apache.hadoop.hbase.HBaseTestingUtility; 031import org.apache.hadoop.hbase.HConstants; 032import org.apache.hadoop.hbase.testclassification.ClientTests; 033import org.apache.hadoop.hbase.testclassification.LargeTests; 034import org.apache.hadoop.hbase.thrift.generated.Hbase; 035import org.apache.hadoop.hbase.util.EnvironmentEdgeManager; 036import org.apache.hadoop.hbase.util.EnvironmentEdgeManagerTestHelper; 037import org.apache.hadoop.hbase.util.IncrementingEnvironmentEdge; 038import org.apache.hadoop.hbase.util.TableDescriptorChecker; 039import org.apache.thrift.protocol.TBinaryProtocol; 040import org.apache.thrift.protocol.TProtocol; 041import org.apache.thrift.transport.THttpClient; 042import org.apache.thrift.transport.TTransportException; 043import org.junit.AfterClass; 044import org.junit.Assert; 045import org.junit.BeforeClass; 046import org.junit.ClassRule; 047import org.junit.Rule; 048import org.junit.Test; 049import org.junit.experimental.categories.Category; 050import org.junit.rules.ExpectedException; 051import org.slf4j.Logger; 052import org.slf4j.LoggerFactory; 053 054/** 055 * Start the HBase Thrift HTTP server on a random port through the command-line interface and talk 056 * to it from client side. 057 */ 058@Category({ ClientTests.class, LargeTests.class }) 059public class TestThriftHttpServer { 060 @ClassRule 061 public static final HBaseClassTestRule CLASS_RULE = 062 HBaseClassTestRule.forClass(TestThriftHttpServer.class); 063 064 private static final Logger LOG = LoggerFactory.getLogger(TestThriftHttpServer.class); 065 066 protected static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility(); 067 068 @BeforeClass 069 public static void setUpBeforeClass() throws Exception { 070 TEST_UTIL.getConfiguration().setBoolean(Constants.USE_HTTP_CONF_KEY, true); 071 TEST_UTIL.getConfiguration().setBoolean(TableDescriptorChecker.TABLE_SANITY_CHECKS, false); 072 TEST_UTIL.startMiniCluster(); 073 // ensure that server time increments every time we do an operation, otherwise 074 // successive puts having the same timestamp will override each other 075 EnvironmentEdgeManagerTestHelper.injectEdge(new IncrementingEnvironmentEdge()); 076 } 077 078 @AfterClass 079 public static void tearDownAfterClass() throws Exception { 080 TEST_UTIL.shutdownMiniCluster(); 081 EnvironmentEdgeManager.reset(); 082 } 083 084 @Test 085 public void testExceptionThrownWhenMisConfigured() throws IOException { 086 Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); 087 conf.set("hbase.thrift.security.qop", "privacy"); 088 conf.setBoolean("hbase.thrift.ssl.enabled", false); 089 ExpectedException thrown = ExpectedException.none(); 090 ThriftServerRunner tsr = null; 091 try { 092 thrown.expect(IllegalArgumentException.class); 093 thrown.expectMessage( 094 "Thrift HTTP Server's QoP is privacy, " + "but hbase.thrift.ssl.enabled is false"); 095 tsr = TestThriftServerCmdLine.createBoundServer(() -> new ThriftServer(conf)); 096 fail("Thrift HTTP Server starts up even with wrong security configurations."); 097 } catch (Exception e) { 098 LOG.info("Expected!", e); 099 } finally { 100 if (tsr != null) { 101 tsr.close(); 102 } 103 } 104 } 105 106 @Rule 107 public ExpectedException exception = ExpectedException.none(); 108 109 @Test 110 public void testRunThriftServerWithHeaderBufferLength() throws Exception { 111 // Test thrift server with HTTP header length less than 64k 112 try { 113 runThriftServer(1024 * 63); 114 } catch (TTransportException tex) { 115 assertFalse(tex.getMessage().equals("HTTP Response code: 431")); 116 } 117 118 // Test thrift server with HTTP header length more than 64k, expect an exception 119 exception.expect(TTransportException.class); 120 exception.expectMessage("HTTP Response code: 431"); 121 runThriftServer(1024 * 64); 122 } 123 124 protected Supplier<ThriftServer> getThriftServerSupplier() { 125 return () -> new ThriftServer(TEST_UTIL.getConfiguration()); 126 } 127 128 @Test 129 public void testRunThriftServer() throws Exception { 130 runThriftServer(0); 131 } 132 133 void runThriftServer(int customHeaderSize) throws Exception { 134 // Add retries in case we see stuff like connection reset 135 Exception clientSideException = null; 136 for (int i = 0; i < 10; i++) { 137 clientSideException = null; 138 ThriftServerRunner tsr = createBoundServer(getThriftServerSupplier()); 139 String url = "http://" + HConstants.LOCALHOST + ":" + tsr.getThriftServer().listenPort; 140 try { 141 checkHttpMethods(url); 142 talkToThriftServer(url, customHeaderSize); 143 break; 144 } catch (Exception ex) { 145 clientSideException = ex; 146 LOG.info("Client-side Exception", ex); 147 } finally { 148 tsr.close(); 149 tsr.join(); 150 if (tsr.getRunException() != null) { 151 LOG.error("Invocation of HBase Thrift server threw exception", tsr.getRunException()); 152 throw tsr.getRunException(); 153 } 154 } 155 } 156 157 if (clientSideException != null) { 158 LOG.error("Thrift Client", clientSideException); 159 throw clientSideException; 160 } 161 } 162 163 private void checkHttpMethods(String url) throws Exception { 164 // HTTP TRACE method should be disabled for security 165 // See https://www.owasp.org/index.php/Cross_Site_Tracing 166 HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection(); 167 conn.setRequestMethod("TRACE"); 168 conn.connect(); 169 Assert.assertEquals(conn.getResponseMessage(), HttpURLConnection.HTTP_FORBIDDEN, 170 conn.getResponseCode()); 171 } 172 173 protected static volatile boolean tableCreated = false; 174 175 protected void talkToThriftServer(String url, int customHeaderSize) throws Exception { 176 THttpClient httpClient = new THttpClient(url); 177 httpClient.open(); 178 179 if (customHeaderSize > 0) { 180 StringBuilder sb = new StringBuilder(); 181 for (int i = 0; i < customHeaderSize; i++) { 182 sb.append("a"); 183 } 184 httpClient.setCustomHeader("User-Agent", sb.toString()); 185 } 186 187 try { 188 TProtocol prot; 189 prot = new TBinaryProtocol(httpClient); 190 Hbase.Client client = new Hbase.Client(prot); 191 if (!tableCreated) { 192 TestThriftServer.createTestTables(client); 193 tableCreated = true; 194 } 195 TestThriftServer.checkTableList(client); 196 } finally { 197 httpClient.close(); 198 } 199 } 200}