001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.security; 019 020import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.loginKerberosPrincipal; 021import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.setSecuredConfiguration; 022 023import java.io.File; 024import java.util.Collections; 025import org.apache.hadoop.hbase.HBaseParameterizedTestTemplate; 026import org.apache.hadoop.hbase.HBaseTestingUtil; 027import org.apache.hadoop.hbase.io.crypto.tls.X509KeyType; 028import org.apache.hadoop.hbase.ipc.TestProtobufRpcServiceImpl; 029import org.apache.hadoop.hbase.testclassification.RPCTests; 030import org.apache.hadoop.hbase.testclassification.SmallTests; 031import org.apache.hadoop.minikdc.MiniKdc; 032import org.apache.hadoop.security.UserGroupInformation; 033import org.junit.jupiter.api.AfterAll; 034import org.junit.jupiter.api.BeforeAll; 035import org.junit.jupiter.api.Tag; 036import org.mockito.Mockito; 037 038import org.apache.hadoop.hbase.shaded.ipc.protobuf.generated.TestRpcServiceProtos.TestProtobufRpcProto.BlockingInterface; 039 040@Tag(RPCTests.TAG) 041@Tag(SmallTests.TAG) 042@HBaseParameterizedTestTemplate(name = "{index}: caKeyType={0}, certKeyType={1}, keyPassword={2}") 043public class TestSaslTlsIPCRejectPlainText extends AbstractTestTlsRejectPlainText { 044 045 private static File KEYTAB_FILE; 046 047 private static MiniKdc KDC; 048 private static String HOST = "localhost"; 049 private static String PRINCIPAL; 050 private static UserGroupInformation UGI; 051 052 public TestSaslTlsIPCRejectPlainText(X509KeyType caKeyType, X509KeyType certKeyType, 053 char[] keyPassword) { 054 super(caKeyType, certKeyType, keyPassword); 055 } 056 057 @BeforeAll 058 public static void setUpBeforeClass() throws Exception { 059 HBaseTestingUtil util = new HBaseTestingUtil(); 060 UTIL = util; 061 initialize(); 062 KEYTAB_FILE = new File(util.getDataTestDir("keytab").toUri().getPath()); 063 KDC = util.setupMiniKdc(KEYTAB_FILE); 064 PRINCIPAL = "hbase/" + HOST; 065 KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL); 066 HBaseKerberosUtils.setPrincipalForTesting(PRINCIPAL + "@" + KDC.getRealm()); 067 UGI = loginKerberosPrincipal(KEYTAB_FILE.getCanonicalPath(), PRINCIPAL); 068 setSecuredConfiguration(util.getConfiguration()); 069 SecurityInfo securityInfoMock = Mockito.mock(SecurityInfo.class); 070 Mockito.when(securityInfoMock.getServerPrincipals()) 071 .thenReturn(Collections.singletonList(HBaseKerberosUtils.KRB_PRINCIPAL)); 072 SecurityInfo.addInfo("TestProtobufRpcProto", securityInfoMock); 073 } 074 075 @AfterAll 076 public static void tearDownAfterClass() { 077 if (KDC != null) { 078 KDC.stop(); 079 } 080 cleanUp(); 081 } 082 083 @Override 084 protected BlockingInterface createStub() throws Exception { 085 return TestProtobufRpcServiceImpl.newBlockingStub(rpcClient, rpcServer.getListenerAddress(), 086 User.create(UGI)); 087 } 088}