Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.ipc;
019
020import java.io.File;
021import java.security.PrivilegedExceptionAction;
022import java.util.stream.Stream;
023import org.apache.hadoop.conf.Configuration;
024import org.apache.hadoop.fs.CommonConfigurationKeys;
025import org.apache.hadoop.hbase.HBaseParameterizedTestTemplate;
026import org.apache.hadoop.hbase.HBaseTestingUtil;
027import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
028import org.apache.hadoop.hbase.testclassification.MediumTests;
029import org.apache.hadoop.hbase.testclassification.RPCTests;
030import org.apache.hadoop.minikdc.MiniKdc;
031import org.apache.hadoop.security.UserGroupInformation;
032import org.junit.jupiter.api.AfterEach;
033import org.junit.jupiter.api.BeforeEach;
034import org.junit.jupiter.api.Tag;
035import org.junit.jupiter.api.TestTemplate;
036import org.junit.jupiter.params.provider.Arguments;
037
038@Tag(RPCTests.TAG)
039@Tag(MediumTests.TAG)
040@HBaseParameterizedTestTemplate(name = "{index}: allocatorType={0}")
041public class TestSecureNettyRpcServer extends TestNettyRpcServer {
042
043  private static File KEYTAB_FILE;
044  private static MiniKdc KDC;
045  private static String HOST = "localhost";
046  private static String PRINCIPAL;
047  private static UserGroupInformation UGI;
048
049  public TestSecureNettyRpcServer(String allocatorType) {
050    super(allocatorType);
051  }
052
053  public static Stream<Arguments> parameters() {
054    return TestNettyRpcServer.parameters();
055  }
056
057  @BeforeEach
058  public void setup() throws Exception {
059    TEST_UTIL = new HBaseTestingUtil();
060    KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri().getPath());
061    KDC = TEST_UTIL.setupMiniKdc(KEYTAB_FILE);
062    PRINCIPAL = "hbase/" + HOST;
063    KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL);
064    String principalName = PRINCIPAL + "@" + KDC.getRealm();
065    HBaseKerberosUtils.setPrincipalForTesting(principalName);
066    Configuration conf = TEST_UTIL.getConfiguration();
067    HBaseKerberosUtils.setSecuredConfiguration(conf, principalName, principalName);
068    UGI = login(KEYTAB_FILE.toString(), principalName);
069    super.setup();
070  }
071
072  @AfterEach
073  public void tearDown() throws Exception {
074    if (KDC != null) {
075      KDC.stop();
076    }
077    KEYTAB_FILE.delete();
078    super.tearDown();
079    TEST_UTIL.cleanupTestDir();
080  }
081
082  @Override
083  @TestTemplate
084  public void testNettyRpcServer() throws Exception {
085    UGI.doAs(new PrivilegedExceptionAction<Void>() {
086      @Override
087      public Void run() throws Exception {
088        doTest(tableName);
089        return null;
090      }
091    });
092  }
093
094  static UserGroupInformation login(String krbKeytab, String krbPrincipal) throws Exception {
095    Configuration conf = new Configuration();
096    conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos");
097    UserGroupInformation.setConfiguration(conf);
098    UserGroupInformation.loginUserFromKeytab(krbPrincipal, krbKeytab);
099    return UserGroupInformation.getLoginUser();
100  }
101
102}